Skip to main content

Siebel Core Server Framework

16 CVEs product

Monthly

CVE-2021-2353 MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM (component: Loging). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Oracle Authentication Bypass Siebel Core Server Framework
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2021-2039 HIGH This Week

Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM (component: Search). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Siebel Core Server Framework
NVD
CVSS 3.1
7.6
EPSS
0.9%
CVE-2020-24750 Maven HIGH PATCH This Week

FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Jackson Databind Agile Plm Application Testing Suite Autovue For Agile Product Lifecycle Management +22
NVD GitHub
CVSS 3.1
8.1
EPSS
7.3%
CVE-2020-11612 Maven HIGH PATCH This Week

The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Netty Debian Linux Fedora Oncommand Api Services +9
NVD GitHub
CVSS 3.1
7.5
EPSS
9.4%
CVE-2019-2777 MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Search). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Siebel Core Server Framework
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2019-0201 Maven MEDIUM PATCH This Month

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Apache Activemq Drill Zookeeper +7
NVD
CVSS 3.1
5.9
EPSS
9.6%
CVE-2018-2789 MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Siebel Core Server Framework
NVD
CVSS 3.0
5.0
EPSS
1.0%
CVE-2017-10162 MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Siebel Core Server Framework
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2017-10049 MEDIUM PATCH This Month

Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM (subcomponent: Search). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Siebel Core Server Framework
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2016-5466 LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Siebel Core Server Framework
NVD
CVSS 3.0
3.7
EPSS
0.4%
CVE-2016-5462 LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote administrators to affect confidentiality via. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Siebel Core Server Framework
NVD
CVSS 3.0
2.7
EPSS
0.3%
CVE-2016-5461 MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Siebel Core Server Framework
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2016-5460 LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Siebel Core Server Framework
NVD
CVSS 3.0
3.7
EPSS
0.4%
CVE-2016-5456 MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Siebel Core Server Framework
NVD
CVSS 3.0
5.3
EPSS
0.3%
CVE-2016-3469 LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Siebel Core Server Framework
NVD
CVSS 3.0
3.3
EPSS
0.1%
CVE-2016-3450 LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Siebel Core Server Framework
NVD
CVSS 3.0
3.7
EPSS
0.4%
EPSS 0% CVSS 4.4
MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM (component: Loging). Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Oracle Authentication Bypass Siebel Core Server Framework
NVD
EPSS 1% CVSS 7.6
HIGH This Week

Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM (component: Search). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Siebel Core Server Framework
NVD
EPSS 7% CVSS 8.1
HIGH PATCH This Week

FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Jackson Databind Agile Plm +24
NVD GitHub
EPSS 9% CVSS 7.5
HIGH PATCH This Week

The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Netty Debian Linux +11
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Search). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Siebel Core Server Framework
NVD
EPSS 10% CVSS 5.9
MEDIUM PATCH This Month

An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Apache Activemq +9
NVD
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Siebel Core Server Framework
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Siebel Core Server Framework
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM (subcomponent: Search). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Oracle Siebel Core Server Framework
NVD
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Siebel Core Server Framework
NVD
EPSS 0% CVSS 2.7
LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote administrators to affect confidentiality via. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Siebel Core Server Framework
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Siebel Core Server Framework
NVD
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Siebel Core Server Framework
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Oracle Siebel Core Server Framework
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows local users to affect confidentiality via vectors. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Oracle Siebel Core Server Framework
NVD
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Oracle Siebel Core Server Framework
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy